Skill UI

Centralizes proven red team methodologies into an automated reconnaissance and vulnerability discovery workflow that sequences asset discovery, live host validation, fingerprinting, content hunting, and exploit surface analysis for bug bounty and defensive assessments.

A guide for security researchers focused on finding exploitable, remote-reachable vulnerabilities for bug bounties or responsible disclosure. It emphasizes high-signal flaws such as SSRF, RCE, and SQL injection, while guiding users through the professional triage and PoC creation process for penetration testing.

A comprehensive checklist and methodology for penetration testing file upload endpoints. Covers critical vulnerabilities such as MIME type bypass, extension bypass, magic byte manipulation, path traversal, and stored XSS. Essential for web application security assessment and bug bounty hunting, guiding testers through basic testing to advanced exploitation techniques like Null Byte injection and double extensions.

A comprehensive checklist designed for assessing the security posture of GraphQL endpoints. It covers advanced vulnerabilities such as introspection abuse, IDOR, query depth/complexity DoS, injection attacks (SQLi/NoSQLi), and authorization bypass mechanisms. Essential for professional penetration testing and bug bounty hunting.

This comprehensive checklist guides users through identifying and exploiting open redirect vulnerabilities in web applications. It covers parameter identification, advanced bypass techniques (e.g., URL encoding, CRLF injection), and chaining the vulnerability with other flaws like OAuth or SSRF. Ideal for web application penetration testing and bug bounty hunting.

This skill provides a comprehensive, structured methodology and checklist for identifying Remote Code Execution (RCE) vulnerabilities across various web applications. It covers advanced attack vectors such as OS command injection, Server-Side Template Injection (SSTI), insecure deserialization, file upload flaws, and XXE. Use this guide during web application penetration testing or bug bounty hunting to systematically discover arbitrary code execution paths.